Wishing you all a great 2014. I hope this is the right section.
Basically we have a Dell Poweredge R520 server in our office, and we now want to install some accounting software that can be accessed ...

And having found a server IP that is controlling it. How can I find out the log-in credentials this client uses to log in to a IRC channel / server webpage / control panel. I have found out a python ...

I have a couple of machines that I use for purely automated stuff, with home directories encrypted using ecryptfs. So even if the machine is powered on, those directories aren't decrypted unless that ...

CAcert and StartSSL both only validate domains whose TLD is owned by the requester. I have a few subdomains that come from places like freeDNS that I would like to run an SSL-secured server on. Are ...

I've heard that Ubuntu has some sort of "phone home" system that is enabled by default. The kind of stuff that passes along performance information and that type of things to Canonical. I don't know ...

I'm IT in a small company. The network is about as ancient as most of the staff (at 30, I'm the company's youngest), and the staff also is notorious for spreading viruses around the network despite ...

I have an application which is hosted on a windows server on which an SQL DB exists. This server communicates with the clients and agents installed on host PCs through TCP/IP and SSL connections. I'm ...

I was arguing with a friend about logs in user logins. I think that logs means a big audit source for IT audit professionals. Why should I log successful log-ins to my server?
It's so important log ...

I keep seeing "python-requests/1.1.0 CPython/2.7.4 Linux/3.8.0-19-generic" requests e.g. from Amazon's servers of my website.
It's kind of creepy.
Who would set up an Amazon server to scan websites? ...

What would be the best ways to protect sensitive data stored on a server/drive that gets stolen? The confidentiality of the data is what is important, not retrieving it. Obviously, physical means are ...

I have a server on which I keep an encrypted backup of some data. The server updates the backup once a day if the data has been changed and is physically accessible to many people. Further, I would ...

Whether I'm using a normal internet connection setup, or tunnelling it through an anonymizing VPN or through TOR, what information of mine is revealed to whatever DNS server that I choose (e.g. Google ...

Is it a requirement to also disable SSL v2 and weak ciphers on client PC's? I have seen quite a few posts for disabling them on servers, but nothing about a regular client PC, say, running Windows XP ...

If I really need to use these methods, how do i make sure they are secure?
Edit: Is there a link or source where I can see how to make sure that 'PUT' and 'DELETE' methods are not able to delete or ...

I'm looking for a pattern to store a config file containing sensitive information in a semi trusted hosting environment. Semi trusted in this case meaning I trust them in general, but not with this ...

I am facing an issue where hackers are seeking to compromise two of my servers. They succeeded in wiping out both and stealing my backups. I had off-site backups and I am back online. Nonetheless, I ...

I have some data on the server (running Linux) which needs to be encrypted (company policy). This data is being served by an application running on this machine. Now I consider a few possibilities:
...

I'm running a server of which I protected the BIOS with a password. One doesn't have to enter this password before booting, but before entering the BIOS setup. I just did this from routine. However, ...

I've recently read here an answer from a user about the way he hacked a server in a CTF contest. At some point in the description, he said that he did sudo vim and then spawned a shell via VIM using ...

I'm going to purchase my own dedicated server service soon and run few python server scripts on it.
Firstly, let me tell you that I am total noob when it comes to internet security and was unable to ...

Using type- and memory-safe languages like Java and Scala for server applications gave me the confidence of having a basic level of security (e.g. compared to C). Now with the recent wave of Oracle ...